|By Bob Gourley||
|August 10, 2012 01:00 AM EDT||
A review of the key properties of network virtualization can inform your planning and help in requirements generation as you architect new systems. The best source of information I’ve found on network virtualization is at Nicira, a firm anyone with an infrastructure should be paying attention to now.
The following is drawn from their paper on The Seven Properties of Network Virtualization”
1. Independence from network hardware
In the emerging multi-tenant cloud, the old rules of vendor lock-in are rapidly changing. A network virtualization platform must be able to operate on top of any network hardware, much like x86 server hypervisors work on top of any server. This independence means the physical network can be supplied by any combination of hardware vendors. Over time, newer architectures that better support virtualization as well as commodity options are becoming available, further improving the capital efficiency of cloud.
2. Faithful reproduction of the physical network service model
The vast bulk of enterprise applications have not been written as web applications, and the cost/payback ratio of rewriting tens of billions of dollars of application development is neither realistic nor even possible. Therefore, a network virtualization platform must be able to support any workload that runs within a physical environment today. In order to do so, it must recreate Layer 2 and Layer 3 semantics fully, including support for broadcast and multicast. In addition it must be able to offer higher-level in-network services that are used in networks today such as ACLs, load balancing, and WAN optimization.
It is also important that the virtual network solution fully virtualize the network address space. Commonly, virtual networks are migrated from or integrated with physical environments where it is not possible to change the current addresses of the VMs. Therefore, it is important that a virtual network environment not dictate or limit the addresses that can be used within the virtual networks, and that it allows overlapping IP and MAC addresses between virtual networks.
3. Follow operational model of compute virtualization
A key property of compute virtualization is the ability to treat a VM as soft state, meaning it can be moved, paused, resumed, snapshotted, and rewound to a previous configuration. In order to integrate seamlessly in a virtualized environment, a network virtualization solution must support the same control and flexibility for virtual networks.
4. Compatible with any hypervisor platform
Network virtualization platforms must also be able to work with the full range of server hypervisors, including Xen, XenServer, KVM, ESX, and HyperV, providing the ability to control virtualized network connectivity across any network substrate as well as between hypervisor environments. This “any-to-any” paradigm shift provides for:
- More effective utilization of existing network investments,
- Cost and management reduction of new, Layer 3 fabric innovations,
- Workload portability from enterprise to cloud service provider environments.
5. Secure isolation between virtual networks, the physical network, and the control plane
The promise of multi-tenancy requires maximum utilization of compute, storage and network assets through sharing of the physical infrastructure. It is important that a network virtualization platform maintain this consolidation while still providing the isolation needed by regulatory compliance standards such as PCI or FINRA, as well as provide the same security guarantees of compute virtualization.Like compute virtualization, a network virtualization platform should provide strict address isolation between virtual networks (meaning one virtual network cannot inadvertently address another) as well address isolation between the virtual networks and the physical network. This last property removes the physical network as an attack target unless the virtualization platform itself is undermined.
6. Cloud performance and scale
Cloud drives a significant increase in the scale of tenants, servers, and applications supported in a single data center. However, current networks are still bound by the physical limitations of networks, especially VLANs (which are limited to 4,096). VLANS were designed during an earlier era before server virtualization dramatically increased the requirements for the numbers of virtually isolated environments. Network virtualization must support considerably larger scale deployments with tens thousands, or even hundreds of thousands of virtual networks. This not only enables a larger number of tenants, but also support critical services like disaster recovery, data center utilization, etc., which outstrip current limitations.
A virtual network solution should also not introduce any chokepoints or single points of failure into the network. This roughly entails that to all components for the solution must be fully distributed, and all network paths should support multi-pathing and failover. Finally, a network virtualization solution should also not significantly impact data path performance. The number of lookups on the data path required to implemented network virtualization is similar to what data paths perform today. It is possible to implement full network virtualization in software at the edge of the network and still perform at full 10G line rates.
7. Programmatic network provisioning and control
Traditionally, networks are configured one device at a time, although this can be accelerated through the development of scripts (which emulate individual configuration). Current approaches make network configuration slow, error prone and open to security holes through a mistaken keystroke. In a large-scale cloud environment, this introduces a level of fragility and manual configuration costs that hurt service velocity and/or profitability.
A network virtualization solution should provide full control over all virtual network resources and allow for these resources to be managed programmatically. This allows the provisioning to happen at the service level versus the element level significantly simplifying provisioning logic and any disruption that might occur due to physical network node failure. The programmatic API should provide full access to management and configuration of a virtual network to not only support dynamic provisioning at cloud time scales, but also the ability to introduce and configure services on the fly.
The seven key features above are a great starting point for requirements for your enterprise architecture. The good news is that you can enjoy all these features of network virtualization without significant change. The only thing it really requires is an understanding of this new approach and access to the technical thought leadership.
For more on this topic a great place to start your research is with Nicira.
The Internet of Everything is re-shaping technology trends–moving away from “request/response” architecture to an “always-on” Streaming Web where data is in constant motion and secure, reliable communication is an absolute necessity. As more and more THINGS go online, the challenges that developers will need to address will only increase exponentially. In his session at @ThingsExpo, Todd Greene, Founder & CEO of PubNub, exploreed the current state of IoT connectivity and review key trends and technology requirements that will drive the Internet of Things from hype to reality.
Nov. 26, 2015 06:45 AM EST Reads: 389
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessions, I wanted to share some of my observations on emerging trends. As cyber security serves as a fou...
Nov. 26, 2015 06:15 AM EST Reads: 295
Continuous processes around the development and deployment of applications are both impacted by -- and a benefit to -- the Internet of Things trend. To help better understand the relationship between DevOps and a plethora of new end-devices and data please welcome Gary Gruver, consultant, author and a former IT executive who has led many large-scale IT transformation projects, and John Jeremiah, Technology Evangelist at Hewlett Packard Enterprise (HPE), on Twitter at @j_jeremiah. The discussion is moderated by me, Dana Gardner, Principal Analyst at Interarbor Solutions.
Nov. 26, 2015 03:45 AM EST Reads: 690
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
Nov. 26, 2015 03:00 AM EST Reads: 303
With all the incredible momentum behind the Internet of Things (IoT) industry, it is easy to forget that not a single CEO wakes up and wonders if “my IoT is broken.” What they wonder is if they are making the right decisions to do all they can to increase revenue, decrease costs, and improve customer experience – effectively the same challenges they have always had in growing their business. The exciting thing about the IoT industry is now these decisions can be better, faster, and smarter. Now all corporate assets – people, objects, and spaces – can share information about themselves and thei...
Nov. 26, 2015 02:00 AM EST Reads: 185
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound effect on the world, and what should we expect to see over the next couple of years.
Nov. 26, 2015 01:30 AM EST Reads: 432
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, Sandy Carter, IBM General Manager Cloud Ecosystem and Developers, and a Social Business Evangelist, wil...
Nov. 26, 2015 12:00 AM EST Reads: 522
PubNub has announced the release of BLOCKS, a set of customizable microservices that give developers a simple way to add code and deploy features for realtime apps.PubNub BLOCKS executes business logic directly on the data streaming through PubNub’s network without splitting it off to an intermediary server controlled by the customer. This revolutionary approach streamlines app development, reduces endpoint-to-endpoint latency, and allows apps to better leverage the enormous scalability of PubNub’s Data Stream Network.
Nov. 26, 2015 12:00 AM EST Reads: 282
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true change and transformation possible.
Nov. 26, 2015 12:00 AM EST Reads: 484
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem" in this scenario: microservice A (releases daily) depends on a couple of additions to backend B (re...
Nov. 25, 2015 10:00 PM EST Reads: 393
I recently attended and was a speaker at the 4th International Internet of @ThingsExpo at the Santa Clara Convention Center. I also had the opportunity to attend this event last year and I wrote a blog from that show talking about how the “Enterprise Impact of IoT” was a key theme of last year’s show. I was curious to see if the same theme would still resonate 365 days later and what, if any, changes I would see in the content presented.
Nov. 25, 2015 09:00 PM EST Reads: 366
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Ben Perlmutter, a Sales Engineer with IBM Cloudant, demonstrated techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user experience, both offline and online. The focus of this talk was on IBM Cloudant, Apache CouchDB, and ...
Nov. 25, 2015 08:30 PM EST Reads: 367
Container technology is shaping the future of DevOps and it’s also changing the way organizations think about application development. With the rise of mobile applications in the enterprise, businesses are abandoning year-long development cycles and embracing technologies that enable rapid development and continuous deployment of apps. In his session at DevOps Summit, Kurt Collins, Developer Evangelist at Built.io, examined how Docker has evolved into a highly effective tool for application delivery by allowing increasingly popular Mobile Backend-as-a-Service (mBaaS) platforms to quickly crea...
Nov. 25, 2015 05:00 PM EST Reads: 302
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York and Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound cha...
Nov. 25, 2015 02:45 PM EST Reads: 498
Internet of @ThingsExpo, taking place June 7-9, 2016 at Javits Center, New York City and Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 18th International @CloudExpo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo New York Call for Papers is now open.
Nov. 25, 2015 02:30 PM EST Reads: 508
The cloud. Like a comic book superhero, there seems to be no problem it can’t fix or cost it can’t slash. Yet making the transition is not always easy and production environments are still largely on premise. Taking some practical and sensible steps to reduce risk can also help provide a basis for a successful cloud transition. A plethora of surveys from the likes of IDG and Gartner show that more than 70 percent of enterprises have deployed at least one or more cloud application or workload. Yet a closer inspection at the data reveals less than half of these cloud projects involve production...
Nov. 25, 2015 02:15 PM EST Reads: 426
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical to maintaining positive ROI. Raxak Protect is an automated security compliance SaaS platform and ma...
Nov. 25, 2015 02:00 PM EST Reads: 356
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
Nov. 25, 2015 01:30 PM EST Reads: 469
There are over 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content. Join @ThingsExpo conference chair Roger Strukhoff (@IoT2040), June 7-9, 2016 in New York City, for three days of intense 'Internet of Things' discussion and focus, including Big Data's indespensable role in IoT, Smart Grids and Industrial Internet of Things, Wearables and Consumer IoT, as well as (new) IoT's use in Vertical Markets.
Nov. 25, 2015 12:00 PM EST Reads: 523
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi’s VP Business Development and Engineering, explored the IoT cloud-based platform technologies driving this change including privacy controls, data transparency and integration of real time context with p...
Nov. 25, 2015 12:00 PM EST Reads: 367